ASCF News

SpaceX may be riding high after the first-ever astronaut launch of its Crew Dragon spacecraft at the weekend, but there’s little time for rest.

On Wednesday, June 3, the SpaceX team will begin its next mission, sending another batch of internet-providing satellites into low-Earth orbit.

SpaceX’s Falcon 9 rocket will lift off from Cape Canaveral in Florida before deploying 60 small satellites for the ambitious Starlink project aimed at providing broadband services for customers globally. It currently has a total of 420 satellites in operation as it preps the launch of a private beta of the service in the coming months.

Starlink has, however, been causing concern among astronomers who fear that the satellites’ reflective surfaces will hinder their ability to get a clear view of deep space, and also interfere with radio wavelengths used during their space exploration work. But SpaceX CEO Elon Musk says his team is experimenting with a number of solutions, including a special coating to make the satellites less reflective, and a visor to deflect the rays of the sun.

What to look out for

The excitement around last Saturday’s historic launch is likely to have won SpaceX some new fans. On Wednesday, newbies can enjoy not only the spectacular sight of the Falcon 9 rocket heading to space, but also the incredible moment minutes later when the booster returns to Earth and lands upright on a barge off the coast of Florida. You should also look out for a video of its ship attempting to catch the rocket’s nose cone as it returns to Earth — something easier said than done — as well as the moment the 60 satellites deploy and majestically glide apart.

A group of protesters in Louisville have formed a human shield to protect a police officer after he was separated from his unit.

Images circulating on social media show several black men linked arm-in-arm as they form a human barricade around the lone officer. The men put their own lives in danger as they placed themselves between a growing hostile crowd and the police officer.

The officer was allegedly being threatened by rioters after he found himself separated from his squad during violent protests in the area.

More than 170 businesses have been damaged or lotted and dozens of fires set during the riots following the death of George Floyd.

According to President Trump, up to 80% of rioters in Minneapolis were from out of state. The President said these “organised groups” of protesters have nothing to do with George Floyd and are using his death to stir up racial division and civil unrest.

The black community in Minneapolis has called out ANTIFA for causing “chaos” on the back of Floyd’s death.

“Like I said to all my white brothers and sisters, we appreciate you all being out here and supporting us, but this is not your space. This is not your space. Period. We don’t need this bullsh*t right here.

“Because what our reality is, when this sh*t is all said and done, we wake up, we’re still going to be black in America. That’s nothing against none of you all. That’s not what I’m saying. But we’re not going to allow you all to go up there and start causing chaos and confusion. It’s just not going to happen.”

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those who don’t. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic.

Over the past 24 hours, the crooks responsible for spreading the ransom malware “REvil” (a.k.a. “Sodin” and “Sodinokibi“) used their Dark Web “Happy Blog” to announce its first ever stolen data auction, allegedly selling files taken from a Canadian agricultural production company that REvil says has so far declined its extortion demands.

The victim firm’s auction page says a successful bidder will get three databases and more than 22,000 files stolen from the agricultural company. It sets the minimum deposit at $5,000 in virtual currency, with the starting price of $50,000.

Experts say the auction is a sign that ransomware groups may be feeling the financial pinch from the current economic crisis, and are looking for new ways to extract value from victims who are now less likely or able to pay a ransom demand.

Lawrence Abrams, editor of the computer help and news Web site BleepingComputer, said while some ransomware groups have a history of selling victim data on cybercrime forums, this latest move by REvil may be just another tactic used by criminals to force victims to negotiate a ransom payment.

“The problem is a lot of victim companies just don’t have the money [to pay ransom demands] right now,” Abrams said. “Others have gotten the message about the need for good backups, and probably don’t need to pay. But maybe if the victim is seeing their data being actively bid on, they may be more inclined to pay the ransom.”

There is some evidence to suggest that the recent economic downturn wrought by COVID-19 has had a measurable impact on ransomware payouts. A report published in mid-April by cryptocurrency research firm Chainalysis found that ransomware payments “have decreased significantly since the COVID-19 crisis intensified in the U.S. and Europe in early March.”

Abrams said other ransomware groups have settled on different methods to increase victim payouts, noting that one prominent gang is now doubly extorting targets — demanding one payment amount in return for a digital key that can unlock files scrambled by the malware, and another payment in exchange for a promise to permanently delete data stolen from the victim.

The implied threat is that victims who pay to recover their files but don’t bite on the deletion payment can expect to see their private data traded, published or sold on the Dark Web.

“Some of these [extortion groups] have said if they don’t get paid they’re going to sell the victim’s data on the Dark Web, in order to recoup their costs,” Abrams said. “Others are now charging a few not only for the ransomware decryptor, but also a fee to delete the victim’s data. So it’s a double vig.”

The FBI and multiple security firms have advised victims not to pay any ransom demands, as doing so just encourages the attackers and in any case may not result in actually regaining access to encrypted files. In practice, however, many cybersecurity consulting firms are quietly urging their customers that paying up is the fastest route back to business-as-usual.

Here are a few tips that can help reduce the likelihood that you or your organization will fall victim to a ransomware attack:

-Patch, early and often: Many ransomware attacks leverage known security flaws in servers and desktops.

-Disable RDP: Short for Remote Desktop Protocol, this feature of Windows allows a system to be remotely administered over the Internet. A ridiculous number of businesses — particularly healthcare providers — get hit with ransomware because they leave RDP open to the Internet and secured with easy-to-guess passwords. And there are a number of criminal services that sell access to brute-forced RDP installations.

-Filter all email: Invest in security systems that can block executable files at the email gateway.

-Isolate mission-critical systems and data: This can be harder than it sounds. It may be worth hiring a competent security firm to make sure this is done right.

-Backup key files and databases: Bear in mind that ransomware can encrypt any network or cloud-based files or folders that are mapped and have been assigned a drive letter. Backing up to a secondary system that is not assigned a drive letter or is disconnected when it’s not backing up data is key. The old “3-2-1” backup rule comes into play here: Wherever possible, keep three backups of your data, on two different storage types, with at least one backup offsite.

-Disable macros in Microsoft Office: Block external content in Office files. Educate users that ransomware very often succeeds only when a user opens Office file attachment sent via email and manually enables Macros.

In December, Saudi Air Force officer Mohammed Saeed Alshamrani shot and killed three U.S. sailors and wounded eight others at Naval Air Station Pensacola in Florida. While al-Qaida’s affiliate in the Arabian Peninsula (AQAP) took credit for the attack, the extent of the group’s involvement remained unresolved for several months as the FBI faced difficulties gaining access to the contents of Alshamrani’s Apple iPhone. However, last month, U.S. officials revealed that al-Qaida operatives had regularly communicated with Alshamrani for years and oversaw the terrorist’s planning process. The shooting marks the first lethal attack in the U.S. directed by an international terrorist group since the September 11 attacks.

Recent plots and new evidence revealed last month show that jihadist groups like al-Qaida and the Islamic State (ISIS) are actively seeking to attack the U.S. homeland. While counterterrorism efforts have increasingly focused on emerging threats, such as right-wing extremism, jihadist terrorism continues to pose a significant threat to U.S. national security.

On May 29, a Florida woman, Alison Marie Sheppard (a.k.a. Aiisha Abdullah), was sentenced to almost six years in prison for attempting to provide material support to ISIS. According to court documents, Sheppard planned to send cellphones to the terrorist organization to use as timers for explosives devices. Since 2016, Sheppard used Facebook and other social media outlets to communicate with jihadist sympathizers and share extremist Islamist propaganda online. Undercover law enforcement helped disrupt the plot after posing as ISIS supporters in communications with Sheppard.

Last week, the Department of Justice charged Muhammed Momtaz Al-Azhari, a 23-year-old U.S. citizen, for similarly attempting to offer tangible support to ISIS and planning an attack on behalf of the terrorist group. According to a criminal complaint, the suspect was inspired to emulate an Islamic State sympathizer who had carried out a mass shooting at an Orlando nightclub which killed 49 people in 2016.

In 2018, Al-Azhari returned to the U.S. following a three-year prison sentence in Saudi Arabia for attempting to join a terrorist organization in Syria. He eventually settled in Tampa Bay – where he was arrested on May 24 after acquiring weapons to be used in an attack. Al-Azhari allegedly scouted potential targets, communicated with Islamic State sympathizers online, and was immersed in the terrorist group’s propaganda.

Islamic State operatives have been known to use the internet and social media outlets to inspire or direct terrorist attacks around the globe, as these latest Florida cases illustrate.

But last year’s attack at the Pensacola naval airbase shows that ISIS is not the only jihadist group planning attacks. Al-Qaida remains an enduring threat to U.S. homeland security.

Last week, a Somali-born naturalized U.S. citizen was indicted for seeking to provide material support to the al-Qaida-affiliated al-Shabab terrorist organization. Liban Haji Mohamed lived in Northern Virginia when he was believed to have traveled to East Africa to join the Somalia-based terrorist organization in 2012. According to the FBI, Mohamed is “a recruiter and radicalizer for al-Shabab” and remains a wanted fugitive. A recent study on U.S. foreign fighters shows that Virginia is one the top three states with the highest proportional rates of recruitment for jihadist organizations.

Hundreds of American jihadists have traveled or sought to travel to foreign conflicts to fight on behalf of Islamist terrorist organizations in Iraq, Syria, Afghanistan, Pakistan, Libya, Egypt, Somalia, Libya, Mali, Nigeria, and Yemen.

While foreign sources of terrorism pose a serious concern, the main jihadist threat to the U.S. comes from within. Most perpetrators of such plots in the U.S. are American citizens or residents.

To portray a more accurate picture of jihadist threats, it is important for investigators and researchers to incorporate disrupted terrorist plots into their threat assessments. One report from the National Consortium for the Study of Terrorism and Responses to Terrorism (START) identifies 121 jihadist plots targeting the United States since the 1993 World Trade Center bombing until 2017 – ranging from failed and foiled plots to successful attacks. During this period, terrorist plots and attacks increased significantly after 2010 and then again following the rise of the Islamic State in 2014. Only 15 of these plots were fully carried out as planned.

Evaluating terrorist activity solely based on successful attacks skews our understanding of terrorist threats. According to the START report, 82 percent of U.S. jihadist plots were completely or partially disrupted. Similar to the recent Al-Azhari case, government intervention – either through surveillance or the use of informants – is responsible for preventing most jihadists plots in the U.S. But forewarnings from community or family members also play an important role to trigger counterterrorism investigations. Among all foiled plots, 12 incidents were intercepted in the final stages of the planning process, shortly before a would-be assailant appeared ready to carry out an attack. Reporting foiled plots also showcases effective law enforcement and counterterrorism measures to a concerned public.

The United Kingdom warned the Chinese Communist Party (CCP) that if it continues with its decision to impose the “authoritarian” national security law on Hong Kong then Britain will be forced to form an alliance with Western powers against the regime in Beijing.

Foreign secretary Dominic Raab told Parliament on Tuesday: “There is time for China to reconsider, there is a moment for China to step back from the brink and respect Hong Kong’s autonomy and respect China’s own international obligations.”

Mr Raab said that the if the national security law is imposed on Hong Kong, “it would violate China’s own Basic Law” as well as ending the “One Country, Two Systems paradigm” that was agreed to in the Sino-British Joint Declaration, which guaranteed the city local autonomy for 50 years after the United Kingdom handed over control of the former British colony to China in 1997.

The law, which was passed last week by the National People’s Congress (NPC), the rubber-stamp legislative body of the Chinese Communist Party, will criminalise any act that the CCP considers to be a form of “secession” or “acts against national security” in Hong Kong. The law is seen by critics of the communist state as a means of clamping down on the pro-freedom protest movement in the city.

The foreign secretary said that “the United Kingdom, have historic responsibilities, a duty I would say, to the people of Hong Kong”, and therefore would look form an alliance against the country with other Western nations.

The government would also begin extended visa rights and possibly offer citizenship to British National Overseas (BNO) passport-holders in Hong Kong. There are an estimated 300,000 BNO holders in the city, but upwards of 2.9 million Hong Kongers are eligible to apply for the status.

Following the passage of the national security law last week, the founder and chairman of Hong Kong Watch, Benedict Rogers, told Breitbart London: “Today freedom and autonomy in Hong Kong are dead. The Chinese Communist Party has broken its promises and killed Hong Kong.”

“Boris Johnson must now speak out personally, robustly and clearly, mobilise the international community to act as one, and impose targeted Magnitsky sanctions,” Rogers added.

On Tuesday, the Chief Executive of Hong Kong, Carrie Lam Cheng Yuet-ngor, defended the draconian national security legislation by comparing the pro-democracy protesters in Hong Kong to the Black Lives Matter and Antifa rioters that have looted and vandalised cities across the U.S. following the death of George Floyd.

“There are riots in the United States and we see how local governments reacted. And then in Hong Kong, when we had similar riots, we saw what position they adopted,” Lam said, according to the South China Morning Post.

“For some countries that have had a high-profile response and claimed they will take action, I can only describe them as upholding double standards. They value very much their own national security, but are biased in viewing ours.”

On Monday, the Hong Kong police announced that the city would be banning the annual vigil held for the victims of the Tiananmen Square massacre for the first time in 30 years. The authorities claimed that the ban was a result of the Wuhan coronavirus; however, many believe the move was made to appease the communist government in Beijing.

The recent high-profile cyber attack that struck British budget airline easyJet may have been carried out by Chinese hackers, new research and multiple sources have suggested.

The cyber attack, which saw the email addresses and travel details of millions of passengers being robbed—as well as the credit card details of some 2,000—was reportedly conducted by the very same group of Chinese hackers responsible for other attacks on a number of airlines in recent months.

“We would like to apologize to those customers who have been affected by this incident,” said easyJet’s boss, Johan Lundgren. “Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams.”

“As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications,” added Lundgren.

Information remains scant concerning the identity of the alleged Chinese hackers behind the cyber attack, with the Chinese embassy in London declining to comment when questioned by local newspaper The Sun.

How the cyber attack unfolded

According to sources who spoke to news agency Reuters, the hacking tools and techniques used in the cyber attack incident pointed to a group of Chinese hackers as the culprits. The unnamed group reportedly has a history of carrying out malicious cyberattacks on airline companies, the sources said.

The sources, who spoke under the condition of anonymity, explained that the Chinese hackers responsible had previously been in the business of targeting travel records and other data in order to track the movement of specific individuals. In this way, the cyber attack seems to have been less motivated by financial gain as it was by espionage.

The hacking tools and techniques in question—which appear similar those used in previous security breach incidents involving airlines—allowed the Chinese hackers to walk away with that same data belonging to some 9 million easyJet customers in total.

In response to the cyber attack incident, easyJet has kicked off an investigation into the matter, claiming that results so far seem to indicate that the Chinese hackers had been targeting intellectual property, as opposed to data that would assist in identity theft, such as CVV/CVC numbers. The investigation’s preliminary findings support the claim that the hackers did indeed have a motive for the attack that was more than mere financial gain.

The airline has said that it will have contacted all affected customers by May 26, and that it is advising all users to be wary of phishing attacks in the wake of this security breach.

The ICO: A spanner in the wheel

Aside from easyJet’s internal investigation into the incident, another investigation is being carried out simultaneously—this time by the UK’s Information Commissioner’s Office (ICO) to determine whether the airline itself had not properly protected the personal data of its customers.

According to multiple reports, the ICO investigation will likely result in easyJet facing a heavy fine for the data breach having occurred in the first place.

“People have the right to expect that organizations will handle their personal information securely and responsibly. When that doesn’t happen, we will investigate and take robust action where necessary,” the ICO said in a statement.

Such a fine would by no means be unprecedented in the UK aviation industry. British Airways, for example, is currently in the process of appealing against a £183 million ($223 million) fine that it received from the ICO last year after cyber criminals stole the credit card details of hundreds of thousands of its customers the year before.

Data in the hands of Chinese hackers

Because of the lack of information that has so far surfaced about both the attack itself, and the precise motives of the Chinese hackers behind it; it remains up in the air as to how the personal information stolen might end up being used.

According to Oz Alashe, chief executive at the UK cyber security awareness firm CybSafe, customers whose personal data was impacted by the cyber attack are most likely to experience phishing attacks, or some variant thereof.

“There is a risk that some of the victims of this data breach will receive phishing emails. These may be targeted and can be difficult to spot. For the smaller subset of customers who have had financial information stolen, credit and or debit cards will need to be cancelled. It remains unclear whether financial data was encrypted and how this was compromised,” explains Alashe.

He goes on to point out that, in the wake of a cyber attack of such a scale, the onus rests on easyJet to remain transparent and honest with its customers as more information becomes available.

“For easyJet, continued transparency is now of the utmost importance. It is vital that the company keeps its customers informed. While the business has promised to contact those affected ‘no later than 26th of May’, notification must come as soon as possible if feasible,” Alashe adds.

Americans are increasingly of the opinion that the coronavirus pandemic will alter the global balance of power, with more now believing China is becoming a major threat to the U.S. than two years ago. That’s according to analysis by the Pew Research Center.

In a series of polls, a cross-section of the U.S. population was asked questions about what they thought the world order would be after the pandemic. When asked whether they thought China’s power and influence were a threat to the U.S., 62 percent of respondents answered yes, a considerable increase from the 2018 figure of 48 percent.

Party affiliation shaped people’s views of China, with Democrats (23 percent) more than twice as likely as Republicans (10 percent) to believe that China’s power will increase due to the pandemic.

Meanwhile, the majority of those who back the GOP (63 percent) believe that Beijing’s influence will diminish because of the pandemic, compared with 40 percent of Democrats.

About a third (31%) of Americans said that China’s influence after the outbreak would remain the same compared with before it, and almost a fifth (17%) think that it will increase.

However, there has been a dip in Americans’ opinions of China’s military strength relative to other major military powers. Six percent of respondents now consider China as the world’s top military power, down from 12 percent in 2016, although nearly a third (30 percent) believe China is the leading economic power.

Meanwhile, only 4 percent of Americans agreed that having China, instead of the U.S., as the world’s leading power would be better for the world, down from 6 percent two years ago. The figures come from three surveys Pew carried out between March and May, with a margin of error of 3.6 percent.

With China so far resisting calls for an independent probe into the cause of the outbreak, Beijing’s ambassador to the U.K Liu Xiaoming raised the prospect of an international review, telling Sky News that it should be “free from politicization.”

The hit by the pandemic to China’s diplomatic standing comes as it faces global pushback over its plans to introduce security laws in Hong Kong, as well as a growing spat with the U.S. over its sale of weapons to Taiwan.

Kishore Mahbubani, author of Has China Won? The Chinese Challenge to American Primacy, said that it would be “logical” for China and the U.S. to be working together on the coronavirus, but “sadly, U.S.-China competition has stepped up even after COVID-19”.

“The United States has launched a major geopolitical contest against China without first working out a comprehensive long-term strategy. Some of the reaction the U.S. is taking against China is impulsive and emotional rather than reasonable and logical,” Mahbubani told Newsweek.

“There is a very strong impulsive reaction to hit out at China whenever it can even if it does not serve America’s interests to do so.

“Inevitably geopolitical tensions rise between the number two and number one power. As China gets stronger and stronger, America gets more and more uncomfortable so America will try to thwart the rise of China,” said Mahbubani, a former Singaporean diplomat who was also president of the United Nations Security Council between January 2001 and May 2002.

The Trump administration Tuesday tightened its web of sanctions around the Maduro regime in Venezuela, blacklisting four companies allegedly involved in the country’s oil sector.

By sanctioning the firms and their vessels, which are registered in the Marshall Islands and Greece, the U.S. Treasury Department is attempting to cut off the flow of revenue President Nicolás Maduro needs to preserve his power. Targeting the private sector with financial sanctions also helps the administration avoid a military confrontation, U.S. officials say.

As Russia, one of Maduro’s last allies around the globe, eases its logistical support for Venezuela’s energy sector in the face of a costly U.S. sanctions campaign, Caracas has increasingly relied on relationships with Iran, narco-traffickers and other illicit networks to trade its oil and gold for fuel and cash, current and former U.S. officials say.

The economy-crippling sanctions have accelerated an economic deterioration that U.S. officials and Venezuela analysts say was already under way because of the Maduro regime’s systemic corruption and mismanagement. Despite a deepening six-year economic depression compounding political opposition to the regime, Mr. Maduro has been able to hold on to power through the aid of those allies.

Iran, another top U.S. foe, has recently begun shipping Venezuela the gasoline and other refined oil products it needs to keep the economy afloat and the country’s military fueled. Venezuela is using international brokers to sell its crude, U.S. and Western officials say, to pay back Iran.

The Venezuelan representative to the United Nations didn’t immediately respond to requests for comment. The Maduro government has condemned the accusations and the sanctions as U.S. propaganda and economic warfare, blaming Washington for its economic woes.

Those blacklisted on Tuesday include Afranav Maritime Ltd., based out of the Marshall Islands, and its Panamanian oil tanker, the Athens Voyager. Another target is Greece-based Seacomber Ltd., the registered owner of the Chios I tanker. Afranav couldn’t immediately be reached for comment. A representative for Seacomber didn’t immediately respond to a request for comment.

The sanctions block any assets the blacklisted companies might have in the U.S. More importantly, they are designed to spook the international business infrastructure shippers need, such as international insurers, port operators, financiers and traders. Anyone found by Washington to be helping the sanction targets risks facing punitive action themselves, including loss of access to the world’s most important finance and trade market, the U.S.

“The United States will continue to target those who support this corrupt regime and contribute to the suffering of the Venezuelan people,” said Treasury Secretary Steven Mnuchin.

The Treasury and State Departments are conducting broad diplomatic campaigns to warn countries, banks, shipping firms and other companies to avoid helping the Maduro regime, persuading nations to deregister ships and cut off credit lines, both of which are necessary for international maritime trade.

Photo: The government of Venezuelan President Nicolás Maduro has condemned sanctions as U.S. propaganda and economic warfare. – VENEZUELAN PRESIDENCY/AGENCE FRANCE-PRESSE/GETTY IMAGES